Use of public key servers

Russell Valentine russ at
Fri Apr 9 04:04:04 CEST 2004


I've posted my public key on a public key server a while ago. A friend 
of mind was trying to explain to me that public key servers are useless 
and bad. His arguments where:

1) You can't prove a key from the public key server is really that 
persons public key, you still have to validate it some way. So you can 
get the key personally from that person in some way and at that time 
validate the key. Instead of using the key even thought it might not be his.

2) It allows evil people get to get data from the public key servers and 
do malicious things with it (Such as spammers with email addresses, or 
possibly know a username for a account on some server that hosts the email.)

I don't really know what to say to him, and am wondering if anyone could 
tell me or point me to some good reasons as to why you would want to 
post your public key on a public key server?


Russell Valentine
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 256 bytes
Desc: OpenPGP digital signature
Url : /pipermail/attachments/20040408/70df2f70/signature.bin

More information about the Gnupg-users mailing list